Create different Admin users based on permissions.

[sanchegm]

• An admin user should have view and admin (edit/create/delete) permissions. But should not have access to edit/view other users/groups.
  • Create your own ModelAdmin subclass without those fields following: https://docs.djangoproject.com/en/5.0/topics/auth/customizing/#extending-the-existing-user-model
• A superuser admin will have view, admin, and edit/view users/groups permissions.

[sanchegm]

Superuser can view/edit/create/delete Users and Groups (Groups help manage permissions). They can also see recent actions.

Built in permissions options:

• Active: Designates whether this user should be treated as active. Unselect this instead of deleting accounts.
• Staff status: Designates whether the user can log into this admin site.
• Superuser status: Designates that this user has all permissions without explicitly assigning them.

All Affiliation Service Users would need to have Active and Staff status. Only certain users should have Superuser status.

Created "affils_staff" group to allow users to manage all aspects of affiliations (view, create, delete, etc), but do not had Authentication/Authorization permissions to make changes about Users/Groups.

TODO:

• The input fields and select menus in Groups and Users need to match UI stylization.

  

• Is there a way to make permissions field larger?

  

• Create documentation flow for new users/groups.